<?php
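session_start();

// Guestbook submission handler: validates the posted message and stores it
// in the `msg` table together with the logged-in user's nickname.
//
// NOTE(review): no anti-CSRF token is verified here and the form is not
// visible in this file — confirm the form issues a per-session token and
// check it at this point before accepting the write.

// Reject requests that did not come from the form's POST submit.
if (! isset($_POST['submit'])) {
    exit('非法访问!');
}

// The nickname comes from the session, so a missing or non-string value means
// the visitor is not logged in (or the session was tampered with).
$nickname = $_SESSION['username'] ?? null;
$rawEmail = $_POST['email'] ?? null;
$rawContent = $_POST['content'] ?? null;

// Array-valued fields (email[]=x) would make trim() throw on PHP 8; treat
// anything that is not a plain string as an invalid request.
if (! is_string($nickname) || ! is_string($rawEmail) || ! is_string($rawContent)) {
    exit('非法访问!');
}

// Form data handling. get_magic_quotes_gpc() no longer exists in PHP 8 and
// addslashes() is not a reliable SQL escape, so the values are passed to the
// database as bound parameters instead. The HTML encoding of email/content is
// kept so stored rows have the same format as rows written before this change.
// NOTE(review): nickname is stored unencoded, as before — the page that
// renders messages must escape it on output.
$email = htmlspecialchars(trim($rawEmail), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
$content = htmlspecialchars(trim($rawContent), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

// Length limits are byte lengths of the values that will be stored.
if (strlen($nickname) > 16) {
    exit('错误：昵称不得超过16个字符串');
}
if (strlen($email) > 60) {
    exit('错误：邮箱不得超过60个字符串');
}

// Write the message to the database. conn.php provides the mysqli handle $conn.
require './core/conn.php';
$createtime = time();

$saved = false;
try {
    $stmt = mysqli_prepare(
        $conn,
        'INSERT INTO msg(nickname,email,content,createtime) VALUES (?,?,?,?)'
    );
    if ($stmt === false) {
        error_log('msg insert prepare failed: ' . mysqli_error($conn));
    } else {
        mysqli_stmt_bind_param($stmt, 'sssi', $nickname, $email, $content, $createtime);
        $saved = mysqli_stmt_execute($stmt);
        if (! $saved) {
            error_log('msg insert failed: ' . mysqli_stmt_error($stmt));
        }
        mysqli_stmt_close($stmt);
    }
} catch (mysqli_sql_exception $e) {
    // PHP 8.1+ reports mysqli errors as exceptions by default.
    error_log('msg insert failed: ' . $e->getMessage());
}

if ($saved) {
    echo 'ok';
    exit();
}

// Driver error text can reveal table and column names, so it goes to the
// server log only; the client gets a status code and a generic message.
http_response_code(500);
echo '留言失败';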
?>